Authentication Service

  • Host:
  • Protocols: https

MediaMath’s TerminalOne API allows third-party applications developed on the TerminalOne API to obtain various levels of permission from a T1 user to access the user’s data on the TerminalOne Platform (exposed via the Execution & Management API) without storing the user’s username and password.

This section provides a detailed walk-through of the OAuth2 workflow on T1. Please reach out to your MediaMath account representative or MediaMath Support if you have any questions/feedback on the materials presented in this document.

If you’re new to OAuth2, we highly recommend Digital Ocean’s primer on the subject. Dynamically registered clients only support the Authorization Code Grant, as most MediaMath APIs require a user context.

MediaMath expects all application owners to protect API keys and secrets. Please be prepared to rotate API keys or secrets if they are compromised in any way.

Accessing the MediaMath APIs via OAuth2 As the Owner of a Terminal One Account

Step 1. Register a MediaMath Application

Reach out to MediaMath Support and we will create the Client ID and Client Secret for you to access the MediaMath API.

Step 2. Use the Resource Owner / Password Grant to get an Access Token

$ http POST \
grant_type=password \ \
password=somepassword \
audience="" \
client_id="GFg6CdBuibi1tk9yOQk0wwlDU6vqwyoP" \
    "access_token": "eyJ0eX...KACzrBhNEg",
    "expires_in": 86400,
    "token_type": "Bearer"

Step 3. Copy the Session ID

MediaMath is in the process of migrating all APIs to OAuth2, but some APIs are not fully migrated. To mitigate that, make a request to with the Authorization:"Bearer ACCESS_TOKEN header, and copy the adama_session cookie header from the response. Use both the Authorization:"Bearer ACCESS_TOKEN" header and adama_session=XYZ cookie in all future requests.